feat: Support IPv6 for delegated IPAM#38249
Conversation
|
Commit 53ec516 does not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
maintainer-s-little-helper
bot
added
the
dont-merge/needs-sign-off
maintainer-s-little-helper
bot
added
the
dont-merge/needs-release-note-label
github-actions
bot
added
the
kind/community-contribution
|
Commits 53ec516, f4effcd do not match "(?m)^Signed-off-by:". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
There was a problem hiding this comment.
Thanks for the PR! I think the change high-level makes sense to me, I'll review it a bit more in detail later. A few things that stood out to me from a high-level review perspective:
- Please use commit descriptions to provide some context what this change does and why it is needed (i.e. what problems it solves). While I have a guess what this is used for (a delegated IPAM plugin wants to install ENI-style per-device IP rules for IPv6), this should be part of the commit description.
- Squash all your commits into one and make sure sign off the commits. See https://docs.cilium.io/en/stable/contributing/development/dev_setup/#making-changes
- Let's not introduce new dependencies where not strictly necessary
Thanks!
Thanks @gandro for your comments. I will update the PRs with the info that you have asked for. |
I will wait for your review and make the fixes in a commit |
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-sign-off
kadevu
force-pushed
the
ipam-uplink-v6
branch
2 times, most recently
from
be17226 to
49036b6
Compare
kadevu
changed the title
gandro
left a comment
gandro
left a comment
There was a problem hiding this comment.
Thanks for the changes! High-level, they look good to me now. A few minor issues with the implementation that need to be addressed
gandro
left a comment
gandro
left a comment
There was a problem hiding this comment.
Awesome work! One last thing that I noticed, then I think this is good to go.
|
/test |
1 similar comment
|
/test |
|
Please note that pushing to the branch invalidates CI results, therefore I recommend only updating the branch if necessary. I'll retrigger CI (and will take a look at failing tests, we currently have some flakes which are likely unrelated to the PR) Only organization members can trigger CI. |
|
/test |
Sure @gandro. There were a couple of tests failing in pkg/datapath/linux/routing/routing_test.go so I fixed them and pushed the changes. |
|
/test |
|
/test |
|
I think the multi-pool CI check is failing because the branch is outdated: https://github.com/cilium/cilium/actions/runs/14197243933/job/39775304335 I'll rebase the branch and re-run CI |
Signed-off-by: Rui Cao <[email protected]> Removed reference to v6 in RoutingInfo and AllocationResult Signed-off-by: Kaushik Vuligonda <[email protected]>
|
/test |
|
/test |
7 participants
For the scenario where there are multiple interfaces on a Node and delegated IPAM is used to determine the IP and the uplink interface of a Pod. The "interfaces" field can be used by IPAM plugin to pass uplink interface info to Cilium. And then Cilium can setup host routes for the Pod according to the uplink interface info.
The "interfaces" field is allowed to specify the related host interface according to the CNI spec and is already widely used by existing plugins, such as bridge and ptp plugin. It's actually not used by any IPAM plugin for now, but it's reasonable and conforms to the original definition of the field.
Motivations/Benefits of the PR for the native routing mode:
More cloud(public or private) envs with multiple uplink can be easily ingregrated with Cilium without involving any cloud specific logic. A common way is provided for the case: "uplink interface" support.
Cilium keeps full control of the Pod traffic. Cilium choose the implement of the "routing" for egress traffic, through Linux routes or eBPF forwarding rules or any other methods.
The IPv4 support for this was done as part of this PR #34779
This PR is for IPv6 support
These changes were initially authored by @caorui-io as part of this PR #36656 but had been inactive for a couple of months.